Security and hacking

Security in-a-box. Rapid Responses For Compromised Phones. Tips, Tools and How-tos for Safer Online Communications. FBI Surveillance Hacks Android Devices, Laptops. In recent months, Americans were aghast to learn that their phone calls were secretly being recorded and collected by a government agency, the NSA, when the extent of their indiscriminate wiretapping program was leaked to the public.

But if you think that’s an invasion of privacy, you’d better hope the NSA never gets its hands on FBI surveillance techniques and tactics…such as the ability to remotely turn on the microphones in laptops and Android devices without you knowing it. How’s that for Big Brother? Because what’s a little espionage between family? We’ve all watched enough TV to know that wiretapping is no problem for the mishmash of acronymic government agencies (FBI, CIA, NSA, NASA, etc.), but those same shows have taught us certain assumptions about wiretapping, like the necessity of a warrant, and the necessity of the phone actually being in a call. Just like the rest of them.
New Links~ 'Hacker News'. Data Breaches and How to Secure Against Them. Applications and operating systems are easily reinstalled.

However, your data is quite a bit more unique. This means that it is the most critical thing that you have on your network or computer.
Everything You Wanted to Know about TOR & the Deep Web. The Real Science Behind Cracking Passwords. b46f685f85e0af830d82ddbbe795eff3 By adding a unique salt, I can do something about that.

I created a quick Javascript program that takes the user’s name, and pulls the first and last three letters from their username and makes them into a salt. Then, the program takes the salt, plus the user’s password, and runs them through the MD5 algorithm and produces the hash that will be their password. Take a look at the results below.
New Trojan Turns Linux Devices into Botnet. New Linux Trojan turns infected Linux Devices and websites into P2P botnets and threatens users with DDoS and ransom!

— This Trojan is one of its kind! Linux is considered as one of the most secure operating systems but things seem to be changing as cyber criminals are equipping themselves with the latest tools. That’s why recently, researchers at Doctor Web have discovered a Linux trojan that can turn an infected Linux device and websites into a P2P botnets. Usually, a malware is designed to infect devices in order to steal financial and personal data but ”Linux.Rex.1” malware has the ability to perform DDoS attacks from the infected device, send malicious messages and distribute itself to others networks. Must Read: Hackers Compromise the Download Link for Linux Mint with Backdoor.

Sometimes they suddenly slow down to a crawl, other times they start to freeze up or even crash for what seems to be no reason at all. Most of the time though, there is a reason why our computers start to act funny. One of those reasons is due to malware and viruses.
5 Terrifying Smartphone Hacks You Won't Believe Are Possible. Sometimes we fail to appreciate the fact that today, right now, we're living in a sci-fi universe.

The smartphone is a miracle of mathematics and engineering genius, converting a little over 4 ounces of inert matter into a Star Trek-level wondercomputer. But the downside of storing your entire world inside an ass-pocket-dwelling supercomputer is that there are always those who are itching to turn that technology against you in ways you'd never expect, like ... #5.
Simple Steps to Hack a Smartphone. What kind of information do you have on your business card?

Company name? Check.
Android 4.4 KitKat also affected by Master Key vulnerability. The flaw known as “Android Master Key vulnerability” is considered a nightmare for Android OS, last July it was discovered for the first time and experts revealed that 99% of Android devices are vulnerable.

The Master Key vulnerability allows hackers to modify any legitimate and digitally signed application in order to include malicious code that can be used to steal data or to gain remote control of the mobile device. The Master Key vulnerability was discovered and responsibly disclosed by Bluebox Labs that demonstrated that the Android vulnerability allows app modification preserving signatures. The flaw was fixed later with Android 4.3 Jelly Bean version, Google adopted as countermeasure the modification of app submission process to the Play Store to avoid the publishing of malicious application that have been packaged using such exploit.
Hackers Exploit Default Apps to Install Malware on Samsung Galaxy S4. Researchers Demonstrate Exploits Against Mobile Platforms at Mobile Pwn2Own 2013 This week at the Mobile Pwn2Own hacking contest taking place at the PacSec Applied Security Conference in Tokyo, Japan, a team of security researchers demonstrated exploits against several applications installed by default on Samsung Galaxy S4 smartphones that enabled them to silently install a malicious application and steal sensitive data.

Team MBSD, of Japanese firm Mitsui Bussan Secure Directions, Inc., earned $40,000 for their exploit efforts which enabled them to successfully compromise the Samsung device running Google’s Android. “This team exploited multiple apps, installed by default on the Samsung Galaxy S4 to install malware and steal confidential data,” HP’s Heather Goudey explained in a blog post. “In order for the exploit to be successful, the affected user must first be lured to an attacker-controlled malicious website. The vulnerability was disclosed to Samsung, HP said.
Black Hat: Top 20 hack-attack tools. Network World - Turn someone else’s phone into an audio/video bug.

Security researchers have successfully broken one of the most secure encryption algorithms, 4096-bit RSA, by listening — yes, with a microphone — to a computer as it decrypts some encrypted data. The attack is fairly simple and can be carried out with rudimentary hardware. The repercussions for the average computer user are minimal, but if you’re a secret agent, power user, or some other kind of encryption-using miscreant, you may want to reach for the Rammstein when decrypting your data. This acoustic cryptanalysis, carried out by Daniel Genkin, Adi Shamir (who co-invented RSA), and Eran Tromer, uses what’s known as a side channel attack. A side channel is an attack vector that is non-direct and unconventional, and thus hasn’t been properly secured.

He adds an extra layer of security to some accounts by entering a special code that he receives via text message. And he uses browser extensions to avoid downloading malware by accidentally visiting dangerous Web sites. Some techniques “may seem like a ‘Mission Impossible’ level of security to the average user," Lamo said.

But the average user could learn a thing or two from hackers like Lamo, who are not only skilled at breaking into others' PCs, but have devised sophisticated -- in some cases, extreme -- methods for protecting their own.
Top 50 Hacking Tools That You Must Have. Whether you are a Penetration tester, a hacker or an aspiring newbie trying to learn Cyber Security, you must have a nice catalogue of tools to make your life easier. While these tools do make working simpler but cannot compensate for the vast amount of knowledge required in this field.

The definitive glossary of hacking terminology. We live in an era of unprecedented cyberattacks, where malicious campaigns, both personal and governmental, are carried out across laptops and wireless networks. Even if you are not technically minded, your day-to-day life is still probably pretty crowded with stories about hacking, whether you recognize them as such or not. Have you ever installed an antivirus tool on your computer? Read a story about WikiLeaks or the Arab Spring? Opened a bank account? Then hacking is important to you, even if remains largely in the background of your life.
CELL PHONE HACKS. Since the popularity of text messages have significantly increased during the recent years, it has also become a popular channel for most people to exchange secret messages and engage in dubious activities.

Free Anonymous Hacking Tools 2013 – 2014. Greeting BinusHacker Family, Berikut ini kita berbagi Peralatan / Tools yang biasanya dipakai oleh pentester, hacker, cracker, phiser dan bahkan Anonymous.
How To Search On Google Like Elite Hackers. Google is best search engine in the world. Actually people think that Google's popularity is because of its simple and fast searching interface but friends, its more popular because it has rich operators and query support that will make your searching experience even better.

Start Hacking. Mobile Spy - Monitor SMS Text Messages, Call Info and GPS Locati. Hackers Handbook. Operation DisBARLeiderman. Opt out of global data surveillance programs like PRISM, XKeyscore, and Tempora - PRISM Break. Internet Toolkit. Update Check. Anonymous Operating System. GNU hackers discover HACIENDA government surveillance and give us a way to fight back — Free Software Foundation — working together for free software. According to Heise newspaper, the intelligence agencies of the United States, Canada, United Kingdom, Australia, and New Zealand, have used HACIENDA to map every server in twenty-seven countries, employing a technique known as port scanning. The agencies have shared this map and use it to plan intrusions into the servers.

Disturbingly, the HACIENDA system actually hijacks civilian computers to do some of its dirty work, allowing it to leach computing resources and cover its tracks.
The Unpatchable Malware That Infects USBs Is Now on the Loose. SecTools.Org Top Network Security Tools. Experts crack nasty ransomware that locks your PC and your backup. The Web's #1 Hacking Tools Directory - with tutorial videos!
Black Hat: Top 20 hack-attack tools. Security Distributions.
Linux Security - The Community's Center for Security.

There are more advanced tools, such as Metasploit, which lets you speedily try different hacking scenarios, but many of its principles are based on what I’ve already written about. In short: you can get a lot of mileage from trying out simple remote access trojans or RATs, reverse shells, password/hash crackers, hash dumping, and pass-the-hash in your own IT environment. Whatever approach you settle on, keep our Inside Out philosophy in mind.
Penetration Testing Explained, Part VI: Passing the Hash. Penetration Testing Explained, Part V: Hash Dumping and Cracking. Penetration Testing Explained, Part IV: Making the Lateral Move. Penetration Testing Explained, Part III: Playing with RATs and Reverse Shells. Penetration Testing Explained, Part II: RATs!
Penetration Testing Explained, Part I: Risky Business. How to use Google for Hacking. Quantum cryptography system hacked. Trojan hides in Google Play games, uses steganography to find more malicious code to run.